{"id":22417,"date":"2021-01-21T23:39:40","date_gmt":"2021-01-22T04:39:40","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=22417"},"modified":"2025-06-06T11:30:27","modified_gmt":"2025-06-06T15:30:27","slug":"how-to-spot-suspicious-email","status":"publish","type":"post","link":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/","title":{"rendered":"Smells phishy? How to spot suspicious email"},"content":{"rendered":"

Don\u2019t take the bait! Phishing<\/a> is a method of trying to gather sensitive information using deceptive emails and data<\/a>. The goal is to trick the recipient into believing that the message is something genuine, then prompt them to submit personal information such as an email address, password or even credit card information.<\/p>\n

Think it can\u2019t happen to you? That\u2019s what every phishing victim probably thought\u2014but phishing is a tried and tested type of cyberattack. It\u2019s also getting increasingly sophisticated. In fact, you can purchase entire plug-and-play phishing kits on the dark web<\/a>. More than 20% of all security breaches involve phishing (Verizon, 2020<\/a>). It turns out humans, not hardware or software, are the weak link in the fight against scammers! Instead of deploying advanced technology, criminals simply take advantage of our trust and inattention.<\/p>\n

Most phishing victims are individuals in small and medium-sized businesses, not large corporations. A typical scam will involve hundreds of dollars rather than millions; in other words, no company is too small to be scammed.<\/p>\n

No one\u2019s truly immune, however, not even IT professionals. Yes, we at Sherweb also get suspicious email that are mostly likely phishing attempts. Let\u2019s dissect one of the spoofs we received recently and what makes it smell phishy. Think of it as a quick crash course in arming yourself against future email phishing threats.<\/p>\n

 <\/p>\n

Dissecting a suspicious email<\/h2>\n

Here\u2019s a phishing email example that could land in your inbox:<\/p>\n

\"\"<\/p>\n

Let’s take a closer look!<\/p>\n

Microsoft 365<\/a> flagged this message with “WARNING SPOOFED MESSAGE” in the subject line, so the scam is easier to spot from the beginning. Do you always read the subject lines, though? No such warning is present in the body of the message.<\/p>\n

Not everyone knows what legit voicemail messages forwarded by Microsoft 365<\/a> look like, and it\u2019s surprisingly difficult to validate this against a real-life example online. At first glance, this really does look like a proper voice message; but remember, it\u2019s our lack of attention to detail<\/a> and tendency to do everything on the fly that the hackers rely on.<\/p>\n

Moving on, the somewhat broken HTML in the top part of the message is a red flag. The sender\u2019s name and the university domain the message was supposedly sent from raise concerns as well. What are the actual chances you\u2019d get an email like that out of the blue?<\/p>\n

But as with most phishing attempts, the real confirmation is the URL the message is trying to get you to. Here it is below (it’s not clickable, just so there\u2019s no accidents?):<\/p>\n

http:\/\/t.mail.bose.com\/r\/?id=h38e3c621,27f0dfd1,27c3bbf1&mc=25_CE_MU_LCB200327
\n&ad_rid=116318785&ad_blid=954451489&sc=control&p1=analytics.twitter.com\/daa\/0\/daa_optout_actions?action_id=3&participant_id=716&rd=https:\/\/cou1sij9sq.s3.us-east-2.amazonaws.com\/gooogle.html?&p2=aUmbZ\/xcbFqHczTaewMGbjSqTbifnvhiMsVjPAMbRMRoRLyyNIhsCLHX\/#pcrabtree@sherweb.com#<\/strong><\/p>\n

Upon inspection, it wants to send you to the website of well-known audio devices manufacturer, Bose. Strange! Of course, the first thing you should be asking is: why would Microsoft send you to a non-affiliated commercial website for you to receive a voicemail? If it looks, dare we say, phishy, you\u2019re better off taking no chances. Always be critical!<\/p>\n

The linked webpage is indeed legitimate, in the sense that the sender abuses a flaw in the owner\u2019s website to hide their malicious URL in it. This helps pass the eye test, since the whole scam is less obvious and appears a bit more trustworthy than, say, a message from a Nigerian prince. As the link includes the victim\u2019s email address as a parameter, it can be assumed it will open a page that looks like a Microsoft 365 login, with your username already pre-filled in the login box. Hackers do make things convenient!<\/p>\n

If you were to log in and click on the button, it\u2019s game over. Luckily, you now know what red flags to look for along the way, even with spoofs that appear legitimate!<\/p>\n

Focus on cybersecurity to combat phishing attempts<\/h2>\n

This phishing example is just one among countless others. As you can see, cybersecurity<\/a> is a constant battle. New threats shapeshift at a breakneck speed, while effective classics never really go away. The right security solutions<\/a> are no longer an optional nice-to-have, but rather an essential part of managing a business<\/a>.<\/p>\n

That includes purpose-built email protection platforms like IRONSCALES<\/a>, which help MSPs stop phishing and business email compromise before they hit the inbox. It uses AI to flag threats, simulate real-world attacks and automate response across clients.<\/p>\n

A strong approach to cybersecurity takes both education and responsive products, and Sherweb can help<\/a>. We offer a portfolio of hand-picked solutions, so that you can spend less time researching and more time running your business. We also have subject matter experts and learning resources on hand to guide you through security deployment, monitoring and rectifying issues. Contact us<\/a> or join our partner network<\/a> today to get started!<\/p>\n","protected":false},"excerpt":{"rendered":"

Don\u2019t take the bait! Phishing is a method of trying to gather sensitive information using decep","protected":false},"author":177,"featured_media":22420,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[753],"tags":[919,934],"class_list":["post-22417","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cybersecurity","tag-cybersecurity-awareness-month"],"yoast_head":"\nSmells phishy? How to spot suspicious email | Sherweb<\/title>\n<meta name=\"description\" content=\"We at Sherweb also get suspicious email that are mostly likely phishing attempts. Let\u2019s dissect one we received recently and what makes it smell phishy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Smells phishy? How to spot suspicious email | Sherweb\" \/>\n<meta property=\"og:description\" content=\"We at Sherweb also get suspicious email that are mostly likely phishing attempts. Let\u2019s dissect one we received recently and what makes it smell phishy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/\" \/>\n<meta property=\"og:site_name\" content=\"Sherweb\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Sherweb\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-22T04:39:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-06T15:30:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/BCDR-1200x480@2x.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"920\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"The Sherweb Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:site\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"The Sherweb Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/\"},\"author\":{\"name\":\"The Sherweb Team\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/42a19dccace310904575a5656cc20976\"},\"headline\":\"Smells phishy? How to spot suspicious email\",\"datePublished\":\"2021-01-22T04:39:40+00:00\",\"dateModified\":\"2025-06-06T15:30:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/\"},\"wordCount\":856,\"commentCount\":1,\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/BCDR-1200x480@2x.png\",\"keywords\":[\"Cybersecurity\",\"Cybersecurity Awareness Month\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/\",\"name\":\"Smells phishy? How to spot suspicious email | Sherweb\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/BCDR-1200x480@2x.png\",\"datePublished\":\"2021-01-22T04:39:40+00:00\",\"dateModified\":\"2025-06-06T15:30:27+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/42a19dccace310904575a5656cc20976\"},\"description\":\"We at Sherweb also get suspicious email that are mostly likely phishing attempts. Let\u2019s dissect one we received recently and what makes it smell phishy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#primaryimage\",\"url\":\"\\\/blog\\\/wp-content\\\/uploads\\\/BCDR-1200x480@2x.png\",\"contentUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/BCDR-1200x480@2x.png\",\"width\":2400,\"height\":920},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/how-to-spot-suspicious-email\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Smells phishy? How to spot suspicious email\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\",\"name\":\"Sherweb\",\"description\":\"More than a cloud marketplace\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/42a19dccace310904575a5656cc20976\",\"name\":\"The Sherweb Team\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/author\\\/the-sherweb-team\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Smells phishy? How to spot suspicious email | Sherweb","description":"We at Sherweb also get suspicious email that are mostly likely phishing attempts. Let\u2019s dissect one we received recently and what makes it smell phishy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/","og_locale":"en_US","og_type":"article","og_title":"Smells phishy? How to spot suspicious email | Sherweb","og_description":"We at Sherweb also get suspicious email that are mostly likely phishing attempts. Let\u2019s dissect one we received recently and what makes it smell phishy.","og_url":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/","og_site_name":"Sherweb","article_publisher":"https:\/\/www.facebook.com\/Sherweb","article_published_time":"2021-01-22T04:39:40+00:00","article_modified_time":"2025-06-06T15:30:27+00:00","og_image":[{"width":2400,"height":920,"url":"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/BCDR-1200x480@2x.png","type":"image\/png"}],"author":"The Sherweb Team","twitter_card":"summary_large_image","twitter_creator":"@SherWeb","twitter_site":"@SherWeb","twitter_misc":{"Written by":"The Sherweb Team","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#article","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/"},"author":{"name":"The Sherweb Team","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976"},"headline":"Smells phishy? How to spot suspicious email","datePublished":"2021-01-22T04:39:40+00:00","dateModified":"2025-06-06T15:30:27+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/"},"wordCount":856,"commentCount":1,"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/BCDR-1200x480@2x.png","keywords":["Cybersecurity","Cybersecurity Awareness Month"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/","url":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/","name":"Smells phishy? How to spot suspicious email | Sherweb","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#primaryimage"},"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/BCDR-1200x480@2x.png","datePublished":"2021-01-22T04:39:40+00:00","dateModified":"2025-06-06T15:30:27+00:00","author":{"@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976"},"description":"We at Sherweb also get suspicious email that are mostly likely phishing attempts. Let\u2019s dissect one we received recently and what makes it smell phishy.","breadcrumb":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#primaryimage","url":"\/blog\/wp-content\/uploads\/BCDR-1200x480@2x.png","contentUrl":"\/blog\/wp-content\/uploads\/BCDR-1200x480@2x.png","width":2400,"height":920},{"@type":"BreadcrumbList","@id":"https:\/\/www.sherweb.com\/blog\/security\/how-to-spot-suspicious-email\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sherweb.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.sherweb.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Smells phishy? How to spot suspicious email"}]},{"@type":"WebSite","@id":"https:\/\/www.sherweb.com\/blog\/#website","url":"https:\/\/www.sherweb.com\/blog\/","name":"Sherweb","description":"More than a cloud marketplace","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976","name":"The Sherweb Team","url":"https:\/\/www.sherweb.com\/blog\/author\/the-sherweb-team\/"}]}},"tag_names":["Cybersecurity","Cybersecurity Awareness Month"],"_links":{"self":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/22417","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/users\/177"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/comments?post=22417"}],"version-history":[{"count":11,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/22417\/revisions"}],"predecessor-version":[{"id":25524,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/22417\/revisions\/25524"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media\/22420"}],"wp:attachment":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media?parent=22417"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/categories?post=22417"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/tags?post=22417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}